CVE-2008-2199

Kmita Mail < 3.0 - Remote Code Execution via HTML Code File Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2199. PoCs published by K-159.

AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Kmita Mail <= 3.0 via the 'file' parameter in htmlcode.php. Successful exploitation requires 'register_globals' to be enabled and may require authentication.

Description

PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode.php in Kmita Mail 3.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by K-159 · textwebappsphp

https://www.exploit-db.com/exploits/5545

View Code ZIP pw:eip

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Kmita Mail <= 3.0 via the 'file' parameter in htmlcode.php. Successful exploitation requires 'register_globals' to be enabled and may require authentication.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Kmita Mail <= 3.0

Auth required

Prerequisites: register_globals enabled · authentication credentials (default: admin/admin)

MITRE ATT&CK